mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-07-05 02:09:13 +00:00
Code Issues 32 Releases Wiki Activity

[per-object-permissions] Renamed the attribute in RLPs to be model instead of type

Browse Source 
git-svn-id: http://code.djangoproject.com/svn/django/branches/per-object-permissions@3518 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Christopher Long 2006-08-02 15:47:11 +00:00
parent 68072fa75c
commit aba82ef36b
6 changed files with 35 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
django/contrib/admin/row_level_perm_manipulator.py
View File

@ -32,15 +32,15 @@ class ChangeRLPManipulator(forms.Manipulator):
owner = MultipleObjSelectField.returnObject(new_data['owner'])
owner_ct = ContentType.objects.get_for_model(owner)
model_ct = rlp.type_ct
model = model_ct.get_object_for_this_type (pk=rlp.type_id)
model_ct = rlp.model_ct
model = model_ct.get_object_for_this_type (pk=rlp.model_id)
perm = Permission.objects.get(pk=new_data['perm'])
field_name_list = ('owner_ct', 'owner_id', 'type_ct', 'type_id', 'permission')
field_name_list = ('owner_ct', 'owner_id', 'model_ct', 'model_id', 'permission')
field_data = owner_ct.id
all_data = {'owner_id':owner.id, 'type_ct_id':model_ct.id, 'type_id':model.id, 'permission_id':perm.id}
all_data = {'owner_id':owner.id, 'model_ct_id':model_ct.id, 'model_id':model.id, 'permission_id':perm.id}
manipulators.manipulator_validator_unique_together(field_name_list, self.opts, self, field_data, all_data)
rlp.owner = owner
@ -74,9 +74,9 @@ class AddRLPManipulator(ChangeRLPManipulator):
for i in new_data.getlist('perm'):
perm = Permission.objects.get(pk=i)
field_name_list = ('owner_ct', 'owner_id', 'type_ct', 'type_id', 'permission')
field_name_list = ('owner_ct', 'owner_id', 'model_ct', 'model_id', 'permission')
field_data = ct.id
all_data = {'owner_id':owner.id, 'type_ct_id':self.ct.id, 'type_id':self.obj_instance.id, 'permission_id':perm.id}
all_data = {'owner_id':owner.id, 'model_ct_id':self.ct.id, 'model_id':self.obj_instance.id, 'permission_id':perm.id}
manipulators.manipulator_validator_unique_together(field_name_list, self.opts, self, field_data, all_data)
rlp = RowLevelPermission.objects.create_row_level_permission(self.obj_instance, owner, perm, negative=new_data['negative'])

3
django/contrib/admin/templates/admin/change_form.html
View File

@ -67,7 +67,10 @@
</form>
{% if new_rlp_form %}
<h1>{% trans "Row Level Permissions" %}</h1>
<div>
{% include "admin/row_level_permission.html" %}
</div>
{% endif %}
</div>

6
django/contrib/admin/templates/admin/row_level_permission.html
View File

@ -1,4 +1,6 @@
{% load i18n admin_modify %}
{% include_admin_script "js/ajax/prototype.js" %}
{% include_admin_script "js/ajax/scriptaculous.js" %}
{% include_admin_script "js/row_level_permission.js" %}
<table id="rlpTable">
<tr class="header">
@ -15,7 +17,7 @@
{% trans "Options" %}
</th>
</tr>
<form id="addRLPForm" method="POST" name="addRLPForm" action="../../../auth/row_level_permission/add/{{ content_type_id }}/{{ object_id }}/" onSubmit="addButtonPressed({{ obj_ct }}, {{ obj_id }}); return false;">
<form id="addRLPForm" method="POST" name="addRLPForm" action="../../../auth/row_level_permission/add/{{ content_type_id }}/{{ object_id }}/" onSubmit="addButtonPressed({{ content_type_id }}, {{ object_id }}); return false;">
<tr>
<th colspan=4>
{% trans "Add Permissions" %}
@ -73,7 +75,7 @@
</tr>
{% endfor %}
{% else %}
<tr><td>No row level permissions</td></tr>
<tr><td colspan=4><em>No row level permissions</em></td></tr>
{% endif %}
</TBODY>
</table>

10
django/contrib/admin/views/row_level_permissions.py
View File

@ -11,12 +11,12 @@ def delete_row_level_permission(request, ct_id, rlp_id, hash, ajax=None):
msg = {}
if utils.verify_objref_hash(ct_id, rlp_id, hash):
rlp = get_object_or_404(RowLevelPermission, pk=rlp_id)
ct = rlp.type_ct
obj = rlp.type
ct = rlp.model_ct
obj = rlp.model
opts = rlp._meta
if not request.user.has_perm(opts.app_label + '.' + opts.get_delete_permission()):
raise PermissionDenied
if not request.user.has_perm(obj._meta.app_label + '.' + obj._meta.get_change_permission()()):
if not request.user.has_perm(obj._meta.app_label + '.' + obj._meta.get_change_permission()):
raise PermissionDenied
rlp.delete()
msg = {"result":True, "text":_("Row level permission was successful deleted"), "id":rlp_id}
@ -92,7 +92,7 @@ def change_row_level_permission(request, ct_id, rlp_id, hash, ajax=None):
if not request.user.has_perm(opts.app_label + '.' + opts.get_add_permission()):
raise PermissionDenied
object_model = rlp.type_ct.model_class()
object_model = rlp.model_ct.model_class()
if not request.user.has_perm(object_model._meta.app_label + '.' + object_model._meta.get_change_permission()):
raise PermissionDenied
@ -111,4 +111,4 @@ def change_row_level_permission(request, ct_id, rlp_id, hash, ajax=None):
if ajax:
return HttpResponse(simplejson.dumps(msg), 'text/javascript')
request.user.message_set.create(message=msg['text'])
return HttpResponseRedirect("../../../../../../%s/%s/%s" % (object_model._meta.app_label, object_model._meta.module_name , str(rlp.type_id)))
return HttpResponseRedirect("../../../../../../%s/%s/%s" % (object_model._meta.app_label, object_model._meta.module_name , str(rlp.model_id)))

31
django/contrib/auth/models.py
View File

@ -48,27 +48,28 @@ class Permission(models.Model):
return "%s | %s" % (self.content_type, self.name)
class RowLevelPermissionManager(models.Manager):
def create_row_level_permission(self, object_instance, owner, permission, negative=False):
def create_row_level_permission(self, model_instance, owner, permission, negative=False):
if isinstance(permission, str):
permission = Permission.objects.get(codename__exact=permission)
type_ct=ContentType.objects.get_for_model(object_instance)
if type_ct != permission.content_type:
model_ct=ContentType.objects.get_for_model(model_instance)
if model_ct != permission.content_type:
raise TypeError, "Invalid value: Permission content type(%s) and object content type(%s) do not match" % (permission.content_type, type_ct)
rowLvlPerm = self.model(type_id=object_instance.id, type_ct=ContentType.objects.get_for_model(object_instance),
rowLvlPerm = self.model(model_id=model_instance.id, model_ct=model_ct,
owner_id=owner.id, owner_ct=ContentType.objects.get_for_model(owner),
permission=permission, negative=negative)
rowLvlPerm.save()
return rowLvlPerm
def create_default_row_permissions(self, type, owner, change=True, delete=True, negChange=False, negDel=False):
def create_default_row_permissions(self, model_instance, owner, change=True, delete=True, negChange=False, negDel=False):
ret_dict = {}
model_ct = ContentType.objects.get_for_model(model_instance)
if change:
change_str = "change_%s" % (ContentType.objects.get_for_model(type))
ret_dict[change_str]=self.create_row_level_permission(type, owner, change_str, negative=negChange)
change_str = "change_%s" % (model_ct)
ret_dict[change_str]=self.create_row_level_permission(model_instance, owner, change_str, negative=negChange)
if delete:
delete_str = "delete_%s" % (ContentType.objects.get_for_model(type))
ret_dict[delete_str]=self.create_row_level_permission(type, owner, delete_str, negative=negDel)
delete_str = "delete_%s" % (model_ct)
ret_dict[delete_str]=self.create_row_level_permission(model_instance, owner, delete_str, negative=negDel)
return ret_dict
class RowLevelPermission(models.Model):
@ -76,14 +77,14 @@ class RowLevelPermission(models.Model):
This uses generic relations to minimize the number of tables, and connects to the
permissions table using a many to one relation.
"""
type_id = models.PositiveIntegerField("'Type' ID")
type_ct = models.ForeignKey(ContentType, verbose_name="'Type' content type", related_name="type_ct")
model_id = models.PositiveIntegerField("'Model' ID")
model_ct = models.ForeignKey(ContentType, verbose_name="'Model' content type", related_name="model_ct")
owner_id = models.PositiveIntegerField("'Owner' ID")
owner_ct = models.ForeignKey(ContentType, verbose_name="'Owner' content type", related_name="owner_ct")
negative = models.BooleanField()
permission = models.ForeignKey(Permission)
type = models.GenericForeignKey(fk_field='type_id', ct_field='type_ct')
model = models.GenericForeignKey(fk_field='model_id', ct_field='model_ct')
owner = models.GenericForeignKey(fk_field='owner_id', ct_field='owner_ct')
objects = RowLevelPermissionManager()
@ -91,14 +92,14 @@ class RowLevelPermission(models.Model):
class Meta:
verbose_name = _('row level permission')
verbose_name_plural = _('row level permissions')
unique_together = (('type_ct', 'type_id', 'owner_id', 'owner_ct', 'permission'),)
unique_together = (('model_ct', 'model_id', 'owner_id', 'owner_ct', 'permission'),)
def __str__(self):
return "%s | %s:%s | %s:%s" % (self.permission, self.owner_ct, self.owner, self.type_ct, self.type)
return "%s | %s:%s | %s:%s" % (self.permission, self.owner_ct, self.owner, self.model_ct, self.model)
def __repr__(self):
return "%s | %s:%s | %s:%s" % (self.permission, self.owner_ct, self.owner, self.type_ct, self.type)
return "%s | %s:%s | %s:%s" % (self.permission, self.owner_ct, self.owner, self.model_ct, self.model)
class Group(models.Model):

2
django/db/models/base.py
View File

@ -63,7 +63,7 @@ class ModelBase(type):
if getattr(new_class._meta, 'row_level_permissions', None):
from django.contrib.auth.models import RowLevelPermission
gen_rel = django.db.models.GenericRelation(RowLevelPermission, object_id_field="type_id", content_type_field="type_ct")
gen_rel = django.db.models.GenericRelation(RowLevelPermission, object_id_field="model_id", content_type_field="model_ct")
new_class.add_to_class("row_level_permissions", gen_rel)
new_class._prepare()